Exploiting buggy/weak Firewall's

This is an article on Exploiting buggy/weak Firewall's in Ethical hacking Tips.

Rated 5.00 By 1 users

In this tutorial we'll be looking at a new way(at least for me) to bypass weak firewalls...

A firewall is a device or set of devices designed to permit or deny network transmissions based upon a set of rules and is frequently used to protect networks from unauthorized access while permitting legitimate communications to pass. (Wikipedia)

In basic language.. Firewall contains a list of some basic rules/signatures like packet filters etc etc.. It basically checks the network traffic for content that can be malicious or can be potentially harmful for the machine..

Firewalls are implemented for securing parts of the network from Hackers or any malicious users but , However if a Firewall is poorly written/implemented it will make the exploitation easier rather.. for demonstrating how these can be exploited I'll take up a Scenario..

Scenario

Most of the buggy firewalls out there carry out packet filtering by relying on the packet data..(Which indeed not to be trusted upon)..

Lets take an example that there is a System with one of these buggy firewalls and is protecting SSH , SMB etc.. But still other services like ftp and http are not filtered as they are readily used by their clients..

Now our job is to carry out requests with 22 as port number (FTP) and Destination Port No set to the service we want to access(SMB Port 445)..This would bypass the firewall leading to easy exploitation..